[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenSSH Security Advisory: Trojaned Distribution Files
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 1 Aug 2002, Niels Provos wrote:
> OpenSSH Security Advisory (adv.trojan)
>
> 1. Systems affected:
>
> OpenSSH version 3.2.2p1, 3.4p1 and 3.4 have been trojaned on the
> OpenBSD ftp server and potentially propagated via the normal mirroring
> process to other ftp servers. The code was inserted some time between
> the 30th and 31th of July. We replaced the trojaned files with their
> originals at 7AM MDT, August 1st.
How did this happened? Solaris knockdown?
Best Regards,
- --
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Eduardo A. Alvarenga - Analista de Suporte #179653
Secretaria de Segurança Pública do Estado do Pará
Belém - Pará - (91) 223-4996 / 272-1611
eduardo@{thrx.dyndns.org,segup.pa.gov.br}
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
OpenBSD Consultant: www.openbsd.org/support.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9SVXspKK2uJoGDlMRAgtmAJ9+lOYEAkAX/IMJ5EqEJwoo5Vx1kACbBmos
c3ZHD6IISn4kyJhjWJVNteQ=
=70xp
-----END PGP SIGNATURE-----